Application Delivery (ADX)

Reply
Contributor
Posts: 49
Registered: ‎04-24-2009

Port profiles - how do I configure a lower sessions timeout for UDP based services like DNS?

Looking at the port profiles I do not find any way to set a timeout below 2 minutes - am I doing something wrong? I would like to ensure DNS related sessions (UDP) are getting deleted as quickly as possible.

Super Contributor
Posts: 316
Registered: ‎05-01-2009

Re: Port profiles - how do I configure a lower sessions timeout for UDP based services like DNS?

I guess you have missed the following section in the SLB manual:

Enabling Fast Aging for UDP Sessions


When fast aging for UDP sessions is configured, a client request causes the ServerIron ADX to add an entry to its session table; when a response is detected, the ServerIron ADX immediately deletes the session table entry.

NOTE: Fast aging is the default behavior for the well-known DNS and RADIUS ports. To change DNS or RADIUS to use the UDP age timer instead, see “Enabling Normal UDP Aging for DNS and RADIUS” on page 2-76.

When this feature is configured, if the ServerIron ADX detects a server response to a client request, and the response is not fragmented, the session table entry is deleted immediately. If the response is fragmented, the ServerIron ADX waits for the last fragment to arrive, forwards it to the client, and then sends the session to the delete queue. The session stays in the delete queue for 8 seconds by default before being deleted. You can change the amount of time the session stays in the delete queue to between 1 – 40 seconds.

To activate fast aging for UDP sessions for port 1234, enter commands such as the following:

ServerIron(config)# server virtual-name-or-ip vs1 192.168.1.2
ServerIron(config-vs-vs1)# port 1234 udp-fast-age

Syntax: port <UDP-portnum> udp-fast-age

To set the amount of time sessions for ports configured with the udp-fast-age command stay in the delete queue before being deleted:

ServerIron(config)# server msl 2

Syntax: server msl <secs>

The <secs> parameter can be from 1 – 40 seconds.

This is part of the following doc section: VIP settings

Contributor
Posts: 49
Registered: ‎04-24-2009

Re: Port profiles - how do I configure a lower sessions timeout for UDP based services like DNS?

Looks like I have missed that one - you have solved my problems another time. Where are you based in? It looks like I am getting answer from you whenever I am online. You do not sleep a lot?

Super Contributor
Posts: 316
Registered: ‎05-01-2009

Re: Port profiles - how do I configure a lower sessions timeout for UDP based services like DNS?

I do get an email for every single post inside the ADI community... and I am trying to respond as quickly as anyhow possible. Sleep? Is not that boring?

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.